AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-43059: In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix list corruption and UAF in com

infovulnerability

security

Source: NVD/CVE DatabaseMay 5, 2026CVE-2026-43059

Summary

A Linux kernel Bluetooth vulnerability involved list corruption (damage to data structures that track pending commands) and UAF (use-after-free, where code tries to access memory that has already been freed). The bug occurred because mgmt_pending_valid() automatically unlinks commands from a list, but some completion handlers were trying to unlink them again or process them after they were already removed, causing crashes and memory safety issues.

Solution / Mitigation

The patch replaces mgmt_pending_remove() with mgmt_pending_free() in mgmt_add_adv_patterns_monitor_complete(), and removes the mgmt_pending_foreach() call from set_mesh_complete() error path since mgmt_pending_valid() already unlinks the command at the function start. Additionally, the redundant mgmt_cmd_status() call is simplified to use cmd->opcode directly.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Disclosure Date

May 5, 2026

Classification

Attack SophisticationModerate

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-43059

First tracked: May 5, 2026 at 02:09 PM

Classified by LLM (prompt v3) · confidence: 95%